Course detail

Information system security

FEKT-HSCeAcad. year: 2011/2012

Basic terms. Cryptography security mechanisms (encrypting, signing, hashing). Communication security mechanisms (filtering methods, spread spectrum methods, error control codes and protocols). Computer security mechanisms (access control, intrusion detection, software protection, data security, backup, audit, emission security). Other security mechanisms. Security policy. Risk analysis and management. Evaluations of the information system security.

Language of instruction

English

Number of ECTS credits

5

Mode of study

Not applicable.

Learning outcomes of the course unit

Students obtain knowledge needed to the solution of the information system security.

Prerequisites

The subject knowledge on the Bachelor´s degree level is requested.

Co-requisites

Not applicable.

Planned learning activities and teaching methods

Teaching methods depend on the type of course unit as specified in the article 7 of BUT Rules for Studies and Examinations.

Assesment methods and criteria linked to learning outcomes

Requirements for completion of a course are specified by a regulation issued by the lecturer responsible for the course and updated for every.

Course curriculum

Lectures:
1. Basic terms.
2. Cryptography protection.
3. Symmetric cryptosystems.
4. Encryptors and key distributions.
5. Asymmetric cryptosystems.
6. Sigital signature and PKI.
7. Secure communications protocols.
8. Attacks on cryptography protections.
9. Attacks on WLAN.
10. Emission security.
11. Block error codes.
12. Convolutional error codes.
13. Protections of communications channels.
14. Spread spectrum channels.
15. Steganography methods.
16. Filtering methods, intrusion detection systems.
17. Password and biometric access controls.
18. Token access control.
19. Computer security.
20. Malicious software.
21. Physical protections.
22. Data back-up.
23. Security management in information systems.
24. Risk analysis and management.
25. Security evaluations of information systems.
26. Security legislature for information systems.

Numerical excercises:
1. Applications of secrecy theory.
2. Applications of symmetric cryptography.
3. Applications of asymmetric cryptography.
4. Applications of secure communication protocols.
5. Applications of emission security.
6. Applications of error codes.
7. Applications of spread spectrum methods.
8. Applications of communications controls.
9. Applications of access methods.
10. Applications of software protections.
11. Physical security in practice.
12. Risk management in practice.
13. Applications of ISO 15408.

Others:
1.-13. Individual projects.

Work placements

Not applicable.

Aims

The goal is to become familiar with basic terms of the information system security, security mechanisms and security evaluation methods.

Specification of controlled education, way of implementation and compensation for absences

The content and forms of instruction in the evaluated course are specified by a regulation issued by the lecturer responsible for the course and updated for every academic year.

Recommended optional programme components

Not applicable.

Prerequisites and corequisites

Not applicable.

Basic literature

Stallings, W.: Cryptography and Network Security, Prentice Hall, 1999.

Recommended reading

Not applicable.

Classification of course in study plans

  • Programme EECC-MN Master's

    branch MN-KAM , 2 year of study, winter semester, elective interdisciplinary
    branch MN-TIT , 1 year of study, winter semester, elective specialised

Type of course unit

 

Lecture

26 hod., optionally

Teacher / Lecturer

Syllabus

1. Basic terms.
2. Cryptography protection.
3. Symmetric cryptosystems.
4. Encryptors and key distributions.
5. Asymmetric cryptosystems.
6. Sigital signature and PKI.
7. Secure communications protocols.
8. Attacks on cryptography protections.
9. Attacks on WLAN.
10. Emission security.
11. Block error codes.
12. Convolutional error codes.
13. Protections of communications channels.
14. Spread spectrum channels.
15. Steganography methods.
16. Filtering methods, intrusion detection systems.
17. Password and biometric access controls.
18. Token access control.
19. Computer security.
20. Malicious software.
21. Physical protections.
22. Data back-up.
23. Security management in information systems.
24. Risk analysis and management.
25. Security evaluations of information systems.
26. Security legislature for information systems.

Fundamentals seminar

26 hod., compulsory

Teacher / Lecturer

Syllabus

1. Applications of secrecy theory.
2. Applications of symmetric cryptography.
3. Applications of asymmetric cryptography.
4. Applications of secure communication protocols.
5. Applications of emission security.
6. Applications of error codes.
7. Applications of spread spectrum methods.
8. Applications of communications controls.
9. Applications of access methods.
10. Applications of software protections.
11. Physical security in practice.
12. Risk management in practice.
13. Applications of ISO 15408.